Is This Strong Enough To Prevent SQL Injection? - Webmasters - Nairaland
Nairaland Forum › Science/Technology › Webmasters › Is This Strong Enough To Prevent SQL Injection? (707 Views)
| Is This Strong Enough To Prevent SQL Injection? by Raylight2(op): 5:56pm On Aug 18, 2015 |
$username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); |
| Re: Is This Strong Enough To Prevent SQL Injection? by IamGodzilla: 5:58pm On Aug 18, 2015 |
Raylight2:use mySQLI ![]() |
| Re: Is This Strong Enough To Prevent SQL Injection? by 0luwatope(m): 10:18am On Aug 19, 2015 |
Am a novice and i use cleanvalues... Am i safe? |
| Re: Is This Strong Enough To Prevent SQL Injection? by dwebdesign(m): 7:20pm On Aug 19, 2015 |
you should upgrade to using mysqlite same as MYSQLI, but if you insist, stripslashes and encode base64 are secured methods enough for database. for passwords, Also use A SALT VALUE, attach it to the submitted data before been sent to the database. |
| Re: Is This Strong Enough To Prevent SQL Injection? by micodon(m): 10:23pm On Aug 19, 2015 |
Raylight2:1. Use prepared statements with PDO. takes care of query filtering 2. Encrypt your passwords with BCRYPT. its probably the safest, popular encryption algo out their. with it, there's no need for using a salt. |
| Re: Is This Strong Enough To Prevent SQL Injection? by Raylight2(op): 7:44am On Aug 20, 2015 |
thank you all for your comments
I'll apply them |
SQL Injection: Complete Tutorial • How To Secure Web Applications Against SQL INJECTION • Wordpress Vulnerability: The Sql Injection • 2 • 3 • 4
Source Code Viewer Script • How To Submit A Press Release For Your Blog Post • How I Make $3000+ Today On My Adsense Account (this Is Exactly What I Did)
